girisimiz.jojobetamp1.com Open in urlscan Pro
172.67.209.86 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://girisimiz.jojobetamp1.com/amp.php
Submission Tags: @phish_report
Submission: On June 12 via api (June 12th 2025, 9:39:04 pm UTC) from FI — Scanned from FI

Summary HTTP 4 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 4 HTTP transactions. The main IP is 172.67.209.86, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is girisimiz.jojobetamp1.com.
TLS certificate: Issued by WE1 on June 12th 2025. Valid for: 3 months.

This is the only time girisimiz.jojobetamp1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.209.86 172.67.209.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.71.57 172.67.71.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.8.141 172.67.8.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	4

2 172.67.209.86 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

girisimiz.jojobetamp1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.57 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.8.141 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	jojobetamp1.com girisimiz.jojobetamp1.com	965 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 22332	202 B
1	waust.at waust.at — Cisco Umbrella Rank: 46424	32 KB
4	3

	Domain	Requested by
2	girisimiz.jojobetamp1.com
1	whos.amung.us	waust.at
1	waust.at	girisimiz.jojobetamp1.com
4	3

This site contains links to these domains. Also see Links.

Domain
1219jojobet.com

Subject Issuer	Validity	Valid
jojobetamp1.com WE1	`2025-06-12` - `2025-09-10`	3 months	crt.sh
waust.at WE1	`2025-04-23` - `2025-07-22`	3 months	crt.sh
amung.us WE1	`2025-04-28` - `2025-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://girisimiz.jojobetamp1.com/amp.php
Frame ID: 8A185AED277D63726045232FEA3BD5F7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jojobet Giriş | Jojobet Güncel Adres ve Resmi Site 2025

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

1237 kB
Transfer

4418 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://1219jojobet.com/tr/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request amp.php Show response
girisimiz.jojobetamp1.com/ 3 MB
959 KB 636ms
207ms Document
text/html 172.67.209.86
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://girisimiz.jojobetamp1.com/amp.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.209.86 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99cd229e956bbb694066a9fb9a029ecd57933465c1a9267ed03c9358f2fd2cde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
cf-cache-status: DYNAMIC
cf-ray: 94ec7fb72c24370a-ARN
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 12 Jun 2025 21:39:05 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MkJJwKu02iJ41aE%2FwhmcnacfRVOJHutp2guPGNttvZH2%2F85dpfzKh22r4MjhHR4IJweasy0%2FQSgXg50FaGIMms8vnek94DJX5585N4adFu5uc7umxUkoXEo%3D"}]}
server: cloudflare
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69779c7905bf6571e43ed3a47207c89969dffa4189e12596b234b013cbe14c11

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 800 KB
0 Image
image/jpeg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af30d3247cfc8197c87414048a19fcd508d8d7865dc60f40ac5df496abac8365

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 60 KB
60 KB Font
font/ttf

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a48216157554cf97748598e3703eea0bde168dbc5b6cf3ab77a43a1796c02825

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://girisimiz.jojobetamp1.com
Referer

Response headers

Content-Type: font/ttf

GET
DATA 200
OK truncated
/ 60 KB
60 KB Font
font/ttf

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c83a1bacdb79c1409c563a6f05fd17b972a2479745bc9b6c3e992ee012618ee6

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://girisimiz.jojobetamp1.com
Referer

Response headers

Content-Type: font/ttf

GET
DATA 200
OK truncated
/ 60 KB
60 KB Font
font/ttf

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 015651bee44d761cea35f5ab78bb8a5a283b09bb8d1488976b39e1813595ec06

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://girisimiz.jojobetamp1.com
Referer

Response headers

Content-Type: font/ttf

GET
DATA 200
OK truncated
/ 61 KB
61 KB Font
font/ttf

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5d9656b8d46f2786afbabbf24c9296303b1ec5066ee1eb326c7bd295d684954

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://girisimiz.jojobetamp1.com
Referer

Response headers

Content-Type: font/ttf

GET
H2 200 p2.js Show response
waust.at/ 51 KB
32 KB 640ms
216ms Script
application/x-javascript 172.67.71.57
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://waust.at/p2.js?w=wk3lva
Requested by: Host: girisimiz.jojobetamp1.com
URL: https://girisimiz.jojobetamp1.com/amp.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.57 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91461eba0cd7dafacecab867a90eea6fe37d4ef9a98bd6694d741aa7e010ce8

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://girisimiz.jojobetamp1.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"684aacab-ca61"
age: 842
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s93TZv9UNk8bP%2FNQMe7NwJzovXnYFihcCG5QByi1it7HanMe%2FEk2eJQAO%2B5foN9%2BarkJ3vP2yxNvMGAHzQjtPYW14xq5nUwg9DAkuf4rHnBtrazE4RQvC7nC"}],"group":"cf-nel","max_age":604800}
expires: Fri, 13 Jun 2025 21:25:04 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9033&min_rtt=5158&rtt_var=8709&sent=8&recv=8&lost=0&retrans=0&sent_bytes=4067&recv_bytes=2213&delivery_rate=796989&cwnd=237&unsent_bytes=0&cid=9214c9d1d64306a0&ts=208&x=0"
date: Thu, 12 Jun 2025 21:39:06 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jun 2025 10:32:11 GMT
vary: Accept-Encoding
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 94ec7fbe79ad8d86-HEL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 / Show response
whos.amung.us/p2/widgets/ 22 B
202 B 629ms
233ms XHR
application/json 172.67.8.141
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://whos.amung.us/p2/widgets/?id=wk3lva&src=js&src-meth=xhr
Requested by: Host: waust.at
URL: https://waust.at/p2.js?w=wk3lva
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.8.141 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d47e99d80f272451db82ccc3465e858c6ccf913a479ee095b917e9984c0245ea

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://girisimiz.jojobetamp1.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 94ec7fc25e234e19-HEL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Jun 2025 21:39:07 GMT
content-type: application/json
vary: accept-encoding
server: cloudflare

GET
H2 200 favicon.ico
girisimiz.jojobetamp1.com/ 15 KB
6 KB 180ms
179ms Other
image/x-icon 172.67.209.86
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://girisimiz.jojobetamp1.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.209.86 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42faa306f63aa8534ebe39c8c5d030598a966c2a906dd23d3d6e3f0980f9f8b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://girisimiz.jojobetamp1.com/amp.php

Response headers

vary: accept-encoding
cache-control: max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=pgnYonzPNVJuGmWBvzNHGPVDmv6FwPx1VVKMMgq6ZDHdNnL9KjluBLvRjeLZCKJTYaWJXnfualVmluBaHM95Y0fY7JpBircMfHVbYd5mdThrEEf9xnyTCpI%3D"}]}
cf-ray: 94ec7fbfedd9370a-ARN
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Jun 2025 21:39:06 GMT
x-xss-protection: 1; mode=block
content-type: image/x-icon
last-modified: Wed, 11 Jun 2025 12:46:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| waup object| _waupr

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

girisimiz.jojobetamp1.com
waust.at
whos.amung.us
172.67.209.86
172.67.71.57
172.67.8.141
015651bee44d761cea35f5ab78bb8a5a283b09bb8d1488976b39e1813595ec06
69779c7905bf6571e43ed3a47207c89969dffa4189e12596b234b013cbe14c11
99cd229e956bbb694066a9fb9a029ecd57933465c1a9267ed03c9358f2fd2cde
a48216157554cf97748598e3703eea0bde168dbc5b6cf3ab77a43a1796c02825
af30d3247cfc8197c87414048a19fcd508d8d7865dc60f40ac5df496abac8365
b91461eba0cd7dafacecab867a90eea6fe37d4ef9a98bd6694d741aa7e010ce8
c83a1bacdb79c1409c563a6f05fd17b972a2479745bc9b6c3e992ee012618ee6
d47e99d80f272451db82ccc3465e858c6ccf913a479ee095b917e9984c0245ea
e42faa306f63aa8534ebe39c8c5d030598a966c2a906dd23d3d6e3f0980f9f8b
f5d9656b8d46f2786afbabbf24c9296303b1ec5066ee1eb326c7bd295d684954

girisimiz.jojobetamp1.com Open in urlscan Pro 172.67.209.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

1237 kBTransfer

4418 kBSize

0 Cookies

1 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

girisimiz.jojobetamp1.com Open in urlscan Pro
172.67.209.86 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

1237 kB
Transfer

4418 kB
Size

0
Cookies

4 HTTP transactions
6 data transactions